sotoon_iam_role_service_user_binding (Resource)

Binds a role to a service-user. While an instance of this resource exists, the specified role is applied to the selected service-user.

Example Usage

data "sotoon_workspace" "mycompany" {
  id = "ee6f89b5-e07c-42f1-9462-05cec9cd92d8" # Workspace ID
}

data "sotoon_iam_service_user" "my_deployer" {
  workspace_id = data.sotoon_workspace.mycompany.id
  name         = "deployer"
}

data "sotoon_iam_role" "compute_viewer" {
  name = "compute-viewer"
}

resource "sotoon_iam_role_service_user_binding" "mydeployer_is_compute_viewer" {
  service_user_id = data.sotoon_iam_service_user.my_deployer.id
  workspace_id    = data.sotoon_workspace.mycompany.id
  role_id         = data.sotoon_iam_role.compute_viewer.id
  items = {
    "zone" : "neda",
    "namespace" : "mycompany"
  }
}

Schema

Required

  • role_id (String) ID of the role to apply to the specified service-user.
  • service_user_id (String) ID of the service-user to which the role is bound.
  • workspace_id (String) ID of the workspace in which the service-user is defined.

Optional

  • items (Map of String) Items of the binding.

Read-Only

  • id (String) ID of the binding.
  • last_updated (String) Timestamp of the last Terraform update of the role-service_user.

Import

Import is supported using the following syntax:

# Replace <role-id>, <service-user-id> and <workspace-id> with real values
terraform import sotoon_iam_role_service_user_binding.mydeployer_is_compute_viewer "<role-id>:<service-user-id>:<workspace-id>"

# For example:
terraform import sotoon_iam_role_service_user_binding.mydeployer_is_compute_viewer \
    "b8c133a4-a060-4906-8654-57988dbdf098:34f57a2f-6e4d-4ded-9025-ff00911d3313:ee6f89b5-e07c-42f1-9462-05cec9cd92d8"
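
The following is an added example, not part of the provider documentation: shell helpers that assemble and check the import ID in the documented role:service-user:workspace order before it is passed to terraform import. It assumes all three IDs are UUIDs, as in the example above; the function names are hypothetical.

```shell
# Added example; function names are hypothetical, not part of the Sotoon provider.
# Assumption: role, service-user and workspace IDs are all canonical UUIDs.

# Succeed only if $1 is a canonical UUID (8-4-4-4-12 hex digits).
is_uuid() {
  # Reject empty input and any character outside hex digits and '-'
  # (this also rejects embedded newlines before grep sees the value).
  case "$1" in ''|*[!0-9a-fA-F-]*) return 1 ;; esac
  printf '%s\n' "$1" | grep -Eq \
    '^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$'
}

# Build the import ID in the documented order: role, service user, workspace.
# Usage: binding_import_id <role-id> <service-user-id> <workspace-id>
binding_import_id() {
  [ "$#" -eq 3 ] || { echo "need role, service-user and workspace IDs" >&2; return 2; }
  is_uuid "$1" || { echo "role-id is not a UUID: $1" >&2; return 1; }
  is_uuid "$2" || { echo "service-user-id is not a UUID: $2" >&2; return 1; }
  is_uuid "$3" || { echo "workspace-id is not a UUID: $3" >&2; return 1; }
  printf '%s:%s:%s\n' "$1" "$2" "$3"
}

# Split an import ID back into labelled fields so the role and the
# service user it will be bound to can be reviewed before importing.
describe_import_id() {
  colons=$(printf '%s' "$1" | tr -cd ':')
  [ "${#colons}" -eq 2 ] || { echo "expected exactly three colon-separated IDs" >&2; return 1; }
  role=${1%%:*}; rest=${1#*:}
  binding_import_id "$role" "${rest%%:*}" "${rest#*:}" >/dev/null || return 1
  printf 'role_id=%s service_user_id=%s workspace_id=%s\n' \
    "$role" "${rest%%:*}" "${rest#*:}"
}
```

The output of binding_import_id can be used as the last argument of the terraform import command shown above.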